<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-legacy-support.
</pre>
<p><a href="https://github.com/macports/macports-legacy-support/commit/83969088f09bc0a834813bbc12f138e95ef3baca">https://github.com/macports/macports-legacy-support/commit/83969088f09bc0a834813bbc12f138e95ef3baca</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit 83969088f09bc0a834813bbc12f138e95ef3baca
</span>Author: Fred Wright <fw@fwright.net>
AuthorDate: Sat Jun 8 15:22:08 2024 -0700
<span style='display:block; white-space:pre;color:#404040;'> Improve stpncpy() security wrapper workaround.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> This replaces the ugly OS version check with logic obtained from
</span><span style='display:block; white-space:pre;color:#404040;'> the 10.9+ secure/_string.h, which was initially missed because
</span><span style='display:block; white-space:pre;color:#404040;'> it wasn't intoduced until two versions after stpncpy() was introduced
</span><span style='display:block; white-space:pre;color:#404040;'> in 10.7. See the comment for more detail.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> TESTED:
</span><span style='display:block; white-space:pre;color:#404040;'> Tested on 10.4-10.5 ppc, 10.5-10.6 ppc (i386 Rosetta), 10.4-10.6 i386,
</span><span style='display:block; white-space:pre;color:#404040;'> 10.5-12.x x86_64, and 11.x-14.x arm64. Tested against all 10.4-14.x
</span><span style='display:block; white-space:pre;color:#404040;'> SDKs, using the headerinfo manual test (from a subsequent commit).
</span><span style='display:block; white-space:pre;color:#404040;'> All target/SDK combinations where the SDK supports the CPU
</span><span style='display:block; white-space:pre;color:#404040;'> architecture work correctly, including all SDKs on Intel
</span><span style='display:block; white-space:pre;color:#404040;'> architectures. Only 10.4-10.6 SDKs support ppc, and only 11.x+ SDKs
</span><span style='display:block; white-space:pre;color:#404040;'> support arm64.
</span>---
include/string.h | 33 ++++++++++++++++++++++++++-------
1 file changed, 26 insertions(+), 7 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/include/string.h b/include/string.h
</span><span style='display:block; white-space:pre;color:#808080;'>index fa5223c..a9c3a2d 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/include/string.h
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/include/string.h
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -68,22 +68,41 @@ __MP__END_DECLS
</span>
#if __MP_LEGACY_SUPPORT_STPNCPY__
/*
<span style='display:block; white-space:pre;background:#ffe0e0;'>- * GCC 4.2 for 10.5 lacks __builtin___stpncpy_chk, even though GCC 4.2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * for 10.6 has it. In the absence of a reasonable way to check for compiler
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * support directly, we rely on the OS version for the decision. Note that
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * the security wrapper mechanism isn't enabled by default on 10.5, anyway,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * but this allows it to work (inefficiently) if it's enabled explicitly.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * Some compilers lack __builtin___stpncpy_chk, requiring a workaround.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * Handling this is complicated by the fact that support was added to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * some compilers prior to the __has_builtin() feature that allows directly
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * testing for it. It's possible to work around this based on the compiler
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * version, but that's further complicated by the fact that Apple added it
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * earlier than the official GCC addition in 4.7. So, in the absence of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * a positive __has_builtin() result, we need to see whether either the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * GCC version or the Apple GCC version is sufficiently recent.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * Apple didn't get around to adding this logic until the 10.9 SDK, even
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * though stpncpy() was added in 10.7, so the correct (albeit complicated)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * condition was initially missed. The condition here is taken directly
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * from secure/_string.h in the 10.9+ SDKs.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * The workaround here is to define a missing __builtin___stpncpy_chk as
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * a macro pointing at the runtime code, which is less efficient but works.
</span> *
* This applies regardless of whether the wrapper comes from here or from
* a 10.7+ SDK, hence we always define it here. To make this effective
* in the 10.7+ SDK case, we use a different name for the inline, which
* also avoids a duplicate definition issue.
*/
<span style='display:block; white-space:pre;background:#ffe0e0;'>-#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1060
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#ifdef __has_builtin
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#define __HAVE_BUILTIN_STPNCPY_CHK__ __has_builtin(__builtin___stpncpy_chk)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#define __HAVE_BUILTIN_STPNCPY_CHK__ \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (__APPLE_CC__ >= 5666 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 7))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#if !__HAVE_BUILTIN_STPNCPY_CHK__
</span> extern char *__stpncpy_chk(char *dest, const char *src, size_t len,
size_t dstlen);
#define __builtin___stpncpy_chk __stpncpy_chk
<span style='display:block; white-space:pre;background:#ffe0e0;'>-#endif /* OS <10.6 */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#endif /* !__HAVE_BUILTIN_STPNCPY_CHK__ */
</span>
#undef stpncpy
#define stpncpy(dest, src, len) \
</pre><pre style='margin:0'>
</pre>